Item Search

Name	Audit Name	Plugin	Category
1.1.4.2 Set 'Deny log on through Remote Desktop Services' to 'Guests'	CIS Windows 8 L1 v1.0.0	Windows	ACCESS CONTROL
1.1.4.11 Set 'Enable computer and user accounts to be trusted for delegation' to 'No One'	CIS Windows 8 L1 v1.0.0	Windows	ACCESS CONTROL
1.1.4.16 Set 'Act as part of the operating system' to 'No One'	CIS Windows 8 L1 v1.0.0	Windows	ACCESS CONTROL
1.1.4.20 Set 'Access Credential Manager as a trusted caller' to 'No One'	CIS Windows 8 L1 v1.0.0	Windows	ACCESS CONTROL
1.1.4.25 Set 'Impersonate a client after authentication' to 'Administrators, SERVICE, Local Service, Network Service'	CIS Windows 8 L1 v1.0.0	Windows	ACCESS CONTROL
1.1.4.27 Set 'Adjust memory quotas for a process' to 'Administrators, Local Service, Network Service'	CIS Windows 8 L1 v1.0.0	Windows	ACCESS CONTROL
1.1.4.32 Set 'Change the system time' to 'LOCAL SERVICE, Administrators'	CIS Windows 8 L1 v1.0.0	Windows	ACCESS CONTROL
1.1.4.34 Configure 'Log on as a service'	CIS Windows 8 L1 v1.0.0	Windows	ACCESS CONTROL
1.1.4.41 Set 'Create a token object' to 'No One'	CIS Windows 8 L1 v1.0.0	Windows	ACCESS CONTROL
1.1.4.42 Set 'Modify an object label' to 'No one'	CIS Windows 8 L1 v1.0.0	Windows	ACCESS CONTROL
2.2.5 Ensure 'Allow log on locally' is set to 'Administrators, Users'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	ACCESS CONTROL
2.2.6 Ensure 'Allow log on through Remote Desktop Services' is set to 'Administrators, Remote Desktop Users'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	ACCESS CONTROL
2.2.7 Ensure 'Back up files and directories' is set to 'Administrators'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	ACCESS CONTROL
2.2.9 Ensure 'Change the time zone' is set to 'Administrators, LOCAL SERVICE, Users'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	ACCESS CONTROL
2.2.13 Ensure 'Create permanent shared objects' is set to 'No One'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	ACCESS CONTROL
2.2.13 Ensure 'Create permanent shared objects' is set to 'No One'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
2.2.14 Configure 'Create symbolic links'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
2.2.18 Ensure 'Deny log on as a service' to include 'Guests'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
2.2.23 Ensure 'Generate security audits' is set to 'LOCAL SERVICE, NETWORK SERVICE'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	ACCESS CONTROL
2.2.24 Ensure 'Impersonate a client after authentication' is set to 'Administrators, LOCAL SERVICE, NETWORK SERVICE, SERVICE'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	ACCESS CONTROL
2.2.27 Ensure 'Lock pages in memory' is set to 'No One'	CIS Windows 7 Workstation Level 1 v3.2.0	Windows	ACCESS CONTROL
2.2.28 Ensure 'Log on as a batch job' is set to 'Administrators'	CIS Windows 7 Workstation Level 2 v3.2.0	Windows	ACCESS CONTROL
2.2.28 Ensure 'Log on as a batch job' is set to 'Administrators'	CIS Windows 7 Workstation Level 2 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
2.2.33 Ensure 'Perform volume maintenance tasks' is set to 'Administrators'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
2.2.34 Ensure 'Profile single process' is set to 'Administrators'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
2.2.35 Ensure 'Profile system performance' is set to 'Administrators, NT SERVICE\WdiServiceHost'	CIS Windows 7 Workstation Level 1 + Bitlocker v3.2.0	Windows	ACCESS CONTROL
Act as part of the operating system	MSCT Windows 10 v20H2 v1.0.0	Windows	ACCESS CONTROL
Act as part of the operating system	MSCT Windows 10 v1507 v1.0.0	Windows	ACCESS CONTROL
Backup files and directories	MSCT Windows 10 v1507 v1.0.0	Windows	ACCESS CONTROL
Change the system time	MSCT Windows 10 v1507 v1.0.0	Windows	ACCESS CONTROL
Create a pagefile	MSCT Windows 10 v20H2 v1.0.0	Windows	ACCESS CONTROL
Create a pagefile	MSCT Windows 10 v1507 v1.0.0	Windows	ACCESS CONTROL
Create a token object	MSCT Windows 10 v1507 v1.0.0	Windows	ACCESS CONTROL
Create global objects	MSCT Windows 10 v1507 v1.0.0	Windows	ACCESS CONTROL
Debug programs	MSCT Windows 10 v2004 v1.0.0	Windows	ACCESS CONTROL
Deny access to this computer from the network	MSCT Windows 10 v1507 v1.0.0	Windows	ACCESS CONTROL
Force shutdown from a remote system	MSCT Windows 10 v20H2 v1.0.0	Windows	ACCESS CONTROL
Impersonate a client after authentication	MSCT Windows 10 v20H2 v1.0.0	Windows	ACCESS CONTROL
Impersonate a client after authentication	MSCT Windows 10 v1507 v1.0.0	Windows	ACCESS CONTROL
Increase scheduling priority	MSCT Windows 10 v1507 v1.0.0	Windows	ACCESS CONTROL
Lock pages in memory	MSCT Windows 10 v20H2 v1.0.0	Windows	ACCESS CONTROL
Lock pages in memory	MSCT Windows 10 v1507 v1.0.0	Windows	ACCESS CONTROL
Manage auditing and security log	MSCT Windows 10 v20H2 v1.0.0	Windows	ACCESS CONTROL
Manage auditing and security log	MSCT Windows 10 v1507 v1.0.0	Windows	ACCESS CONTROL
Perform volume maintenance tasks	MSCT Windows 10 v1507 v1.0.0	Windows	ACCESS CONTROL
Profile single process	MSCT Windows 10 v1507 v1.0.0	Windows	ACCESS CONTROL
Profile single process	MSCT Windows 10 v20H2 v1.0.0	Windows	ACCESS CONTROL
Replace a process level token	MSCT Windows 10 v1507 v1.0.0	Windows	ACCESS CONTROL
Restore files and directories	MSCT Windows 10 v2004 v1.0.0	Windows	ACCESS CONTROL
Restore files and directories	MSCT Windows 10 v20H2 v1.0.0	Windows	ACCESS CONTROL

Detections

Analytics

Item Search